Synopsis:	Important: kernel security, bug fix, and enhancement update
Issue date:	2011-01-04
CVE Names:	CVE-2010-3432 CVE-2010-3442 CVE-2010-3699
                   CVE-2010-3858 CVE-2010-3859 CVE-2010-3865
                   CVE-2010-3876 CVE-2010-3880 CVE-2010-4083
                   CVE-2010-4157 CVE-2010-4161 CVE-2010-4242
                   CVE-2010-4247 CVE-2010-4248

This update fixes the following security issues:

* A flaw was found in sctp_packet_config() in the Linux kernel's Stream
Control Transmission Protocol (SCTP) implementation. A remote attacker
could use this flaw to cause a denial of service. (CVE-2010-3432,
Important)

* A missing integer overflow check was found in snd_ctl_new() in the 
Linux kernel's sound subsystem. A local, unprivileged user on a 32-bit 
system could use this flaw to cause a denial of service or escalate 
their privileges. (CVE-2010-3442, Important)

* A heap overflow flaw in the Linux kernel's Transparent Inter-Process
Communication protocol (TIPC) implementation could allow a local,
unprivileged user to escalate their privileges. (CVE-2010-3859, Important)

* An integer overflow flaw was found in the Linux kernel's Reliable
Datagram Sockets (RDS) protocol implementation. A local, unprivileged 
user could use this flaw to cause a denial of service or escalate their
privileges. (CVE-2010-3865, Important)

* A flaw was found in the Xenbus code for the unified block-device I/O
interface back end. A privileged guest user could use this flaw to cause 
a denial of service on the host system running the Xen hypervisor.
(CVE-2010-3699, Moderate)

* Missing sanity checks were found in setup_arg_pages() in the Linux
kernel. When making the size of the argument and environment area on the
stack very large, it could trigger a BUG_ON(), resulting in a local 
denial of service. (CVE-2010-3858, Moderate)

* A flaw was found in inet_csk_diag_dump() in the Linux kernel's module 
for monitoring the sockets of INET transport protocols. By sending a 
netlink message with certain bytecode, a local, unprivileged user could 
cause a denial of service. (CVE-2010-3880, Moderate)

* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth 
driver in the Linux kernel. A local user with access to "/dev/gdth" on a 
64-bit system could use this flaw to cause a denial of service or 
escalate their privileges. (CVE-2010-4157, Moderate)

* The fix put into kernel-2.6.18-164.el5 introduced a regression. A 
local, unprivileged user could use this flaw to cause a denial of 
service. (CVE-2010-4161, Moderate)

* A NULL pointer dereference flaw was found in the Bluetooth HCI UART
driver in the Linux kernel. A local, unprivileged user could use this 
flaw to cause a denial of service. (CVE-2010-4242, Moderate)

* It was found that a malicious guest running on the Xen hypervisor 
could place invalid data in the memory that the guest shared with the 
blkback and blktap back-end drivers, resulting in a denial of service on 
the host system. (CVE-2010-4247, Moderate)

* A flaw was found in the Linux kernel's CPU time clocks implementation 
for the POSIX clock interface. A local, unprivileged user could use this 
flaw to cause a denial of service. (CVE-2010-4248, Moderate)

* Missing initialization flaws in the Linux kernel could lead to
information leaks. (CVE-2010-3876, CVE-2010-4083, Low)


This update also fixes several bugs and adds an enhancement.

The system must be rebooted for this update to take effect.
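
Because the fix only takes effect after a reboot, the check that matters is on the running kernel, not the installed package. The script below is an added example, not part of the original advisory: it compares a `uname -r` string against the fixed build 2.6.18-194.32.1.el5 from the package list in this advisory. The function names are illustrative, and the variant suffixes (PAE, xen) are assumed to follow ".el5" as they do in the module package names listed here.

```shell
#!/bin/sh
# Added example, not part of the advisory. FIXED comes from the package
# list (kernel-2.6.18-194.32.1.el5); function names are illustrative.
FIXED="2.6.18-194.32.1"

# Reduce a release such as 2.6.18-194.32.1.el5PAE to its numeric
# version-release part by dropping ".el5" and any variant suffix.
base_release() {
    printf '%s\n' "$1" | sed 's/\.el5.*$//'
}

# Succeeds when version $1 >= version $2, comparing the fields between
# "." and "-" numerically; a missing field counts as 0.
vercmp_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, /[.-]/); m = split(b, y, /[.-]/)
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# Exit status: 0 = fixed build or later, 1 = older, 2 = not an el5 kernel.
kernel_is_fixed() {
    case "$1" in
        *.el5*) ;;
        *) return 2 ;;
    esac
    vercmp_ge "$(base_release "$1")" "$FIXED"
}

# Print a one-line verdict for a release string; always returns 0.
report_kernel() {
    if kernel_is_fixed "$1"; then
        echo "$1: fixed build or later is running"
    else
        case $? in
            1) echo "$1: older than $FIXED.el5, update and reboot" ;;
            *) echo "$1: not an el5 kernel, check skipped" ;;
        esac
    fi
}

report_kernel "$(uname -r)"
```

A host that reports the new version from `rpm -q kernel` but an older one here has installed the update without rebooting into it.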


SL 5.x

     SRPMS:
kernel-2.6.18-194.32.1.el5.src.rpm
     i386:
kernel-2.6.18-194.32.1.el5.i686.rpm
kernel-debug-2.6.18-194.32.1.el5.i686.rpm
kernel-debug-devel-2.6.18-194.32.1.el5.i686.rpm
kernel-devel-2.6.18-194.32.1.el5.i686.rpm
kernel-doc-2.6.18-194.32.1.el5.noarch.rpm
kernel-PAE-2.6.18-194.32.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-194.32.1.el5.i686.rpm
kernel-xen-2.6.18-194.32.1.el5.i686.rpm
kernel-xen-devel-2.6.18-194.32.1.el5.i686.rpm
   Dependencies:
kernel-module-aufs-2.6.18-194.32.1.el5-0.20090202.cvs-6.sl5.i686.rpm
kernel-module-aufs-2.6.18-194.32.1.el5PAE-0.20090202.cvs-6.sl5.i686.rpm
kernel-module-aufs-2.6.18-194.32.1.el5xen-0.20090202.cvs-6.sl5.i686.rpm
kernel-module-ipw3945-2.6.18-194.32.1.el5-1.2.0-2.sl5.i686.rpm
kernel-module-ipw3945-2.6.18-194.32.1.el5PAE-1.2.0-2.sl5.i686.rpm
kernel-module-ipw3945-2.6.18-194.32.1.el5xen-1.2.0-2.sl5.i686.rpm
kernel-module-madwifi-2.6.18-194.32.1.el5-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-2.6.18-194.32.1.el5PAE-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-2.6.18-194.32.1.el5xen-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-hal-2.6.18-194.32.1.el5-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-hal-2.6.18-194.32.1.el5PAE-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-hal-2.6.18-194.32.1.el5xen-0.9.4-15.sl5.i686.rpm
kernel-module-ndiswrapper-2.6.18-194.32.1.el5-1.55-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.18-194.32.1.el5PAE-1.55-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.18-194.32.1.el5xen-1.55-1.SL.i686.rpm
kernel-module-openafs-2.6.18-194.32.1.el5-1.4.12-79.sl5.i686.rpm
kernel-module-openafs-2.6.18-194.32.1.el5PAE-1.4.12-79.sl5.i686.rpm
kernel-module-openafs-2.6.18-194.32.1.el5xen-1.4.12-79.sl5.i686.rpm
kernel-module-xfs-2.6.18-194.32.1.el5-0.4-2.sl5.i686.rpm
kernel-module-xfs-2.6.18-194.32.1.el5PAE-0.4-2.sl5.i686.rpm
kernel-module-xfs-2.6.18-194.32.1.el5xen-0.4-2.sl5.i686.rpm

     x86_64:
kernel-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debug-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-194.32.1.el5.x86_64.rpm
kernel-devel-2.6.18-194.32.1.el5.x86_64.rpm
kernel-doc-2.6.18-194.32.1.el5.noarch.rpm
kernel-headers-2.6.18-194.32.1.el5.x86_64.rpm
kernel-xen-2.6.18-194.32.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-194.32.1.el5.x86_64.rpm
   Dependencies:
kernel-module-aufs-2.6.18-194.32.1.el5-0.20090202.cvs-6.sl5.x86_64.rpm
kernel-module-aufs-2.6.18-194.32.1.el5xen-0.20090202.cvs-6.sl5.x86_64.rpm
kernel-module-ipw3945-2.6.18-194.32.1.el5-1.2.0-2.sl5.x86_64.rpm
kernel-module-ipw3945-2.6.18-194.32.1.el5xen-1.2.0-2.sl5.x86_64.rpm
kernel-module-madwifi-2.6.18-194.32.1.el5-0.9.4-15.sl5.x86_64.rpm
kernel-module-madwifi-2.6.18-194.32.1.el5xen-0.9.4-15.sl5.x86_64.rpm
kernel-module-madwifi-hal-2.6.18-194.32.1.el5-0.9.4-15.sl5.x86_64.rpm
kernel-module-madwifi-hal-2.6.18-194.32.1.el5xen-0.9.4-15.sl5.x86_64.rpm
kernel-module-ndiswrapper-2.6.18-194.32.1.el5-1.55-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.18-194.32.1.el5xen-1.55-1.SL.x86_64.rpm
kernel-module-openafs-2.6.18-194.32.1.el5-1.4.11-76.sl5.x86_64.rpm
kernel-module-openafs-2.6.18-194.32.1.el5-1.4.12-79.sl5.x86_64.rpm
kernel-module-openafs-2.6.18-194.32.1.el5xen-1.4.11-76.sl5.x86_64.rpm
kernel-module-openafs-2.6.18-194.32.1.el5xen-1.4.12-79.sl5.x86_64.rpm

-Connie Sieh
-Troy Dawson